Darknet sites compromised and taken offline following arrest
A man suspected of running the most popular hosting service underpinning the darknet has been arrested in Ireland.
According to media reports, Eric Eoin Marques is currently being held in Ireland on an extradition request by the FBI, relating to four charges to alleged child pornography offences.
The websites he managed offered a high degree of anonymity to users and server administrators than other sites on the public web, as they were accessible only via the Tor routing service.
His arrest on Saturday coincided with mass outages affecting popular services such as Tor Mail, HackBB and the Hidden Wiki that are run on Freedom Hosting, a company largely suspected to be operated by Marques.
The exploit, under investigation by Reddit users, Tor developers, and Mozilla, appeared only to attempt to reveal the identities of Tor users visiting Freedom Hosting sites by way of an iframe script that quietly generated a universally unique identifier and redirected users to a Verizon Business IP address located near Washington DC.
The discovery of the exploit days before Marques' arrest fuelled suspicions that the attack was orchestrated by US authorities in a bid to identify users of Freedom Host child pornography sites.
The exploit targeted FireFox vulnerability (MFSA 2013-53) that was patched in the latest versions of Firefox including Firefox Extended Support, Mozilla security lead Daniel Veditz confirmed.
"Since this attack was found on Tor hidden services presumably that is because the Tor Browser Bundle is based on Firefox ESR-17. Users running the most recent TBB have all the fixes that were applied to Firefox ESR 17.0.7 and were also not at risk from this attack," he said.
Freedom Hosting was the most popular hosting service on the Tor network. It came under the public spotlight in 2011 after vigilantes aligned with the Anonymous collective warned the service to remove child abuse images residing on its servers.